Let's Encrypt Certificate - Synology NAS Howto

I own a Synology NAS and it now supports the free certificates from Let's Encrypt.  The only problem with Synology's implimentation is that they only allow the web (HTTP-01) method of certificate verification.  This means that I have to map port 80 and 443 from my NAS and make it available to the Internet.  Yuch!   This is what I did to use Let's Encrypt and not open up and web ports to the internet.


Setup OpenVPN on FreeBSD 10.2

This acticle will go through the install and configuration to use FreeBSD as your OpenVPN server and how to create the client config files.


Adding a Second Drive

This article documents how to add a second drive to your FreeBSD system and format it as UFS.  If you have a system that allows hot-plugging (like the Dell line of servers) then this can be done live without shutting down the server.  If not, then you will have to shut down the server only to insert the drive.  In this article I am going to reference SCSI drive devices (da2) if you have SATA devices, then please not that the device ID will be different (ada2).  


NUT Client for VMWare ESXi

NUT is some great software for managing a UPS and notifiying all your client s to shutdown properly.  This document describes how to install a NUT client into ESXi 5 or 6 and have it shut down properly when there is a critical power outage.  The NUT client is integrated into the ESXi hypervisor and can be configured from the vSphere Client


Stop PHP files from executing.

If you are a maintainer of a websiter or CMS, don't always trust the built in security.  If the user can upload images or stories to the web site then a hacker may be able to upload script or code as well.  One easy way to mitigate this is to make sure that you do not allow scripts to execute by turning off PHP. 


What SSL protocols is a site using.

Wondering what SSL encryption and protocols a site is using.  Cipherscan is free and work well.  You can find it here: Cipherscan


Port or Package Installation Date

There are a number of times that I need to find out when a port or package was last upgraded or installed.  This comes in very handy every time I need to upgrade all my ports and I can't remember how far back I need to check in /usr/ports/UPDATING.


Upgrading all ports via portupgrade.

portupgradeis a tool that allows you to upgrade ports on your FreeBSD system. It has its faults, and it doesn't always work (see below), but its about as close as you can get on FreeBSD to a 'one-click' upgrade.

DHCP and resolv.conf

DHCP on FreeBSD updates your DNS information in /etc/resolv.conf.  This works great for workstation and other systems that only have one interface but what about systems that are connected to multiple networks.  You may not want it to update your /etc/resolv.conf or just update part of it.